writeups.xyz / Exploiting Redash instances with CVE-2021-41192

Submitter : c2a

Date: 6 January 2022

Bounty : 90,000

Vulnerabilities :

• Privilege Escalation
• Session Management Issue
• SSRF

Programs :

• Undisclosed

Authors :

• Ian Carroll (@Iangcarroll)
• Tuan Anh Nguyen (@Haxor31337)
• Gal Nagli (@Naglinagli)

Link :
https://ian.sh/redash